A podcast offering news, views and commentary on security issues for Voice Over IP(VoIP), Unified Communications (UC) and IP Telephony

April 24, 2007

Sometime this morning between about 7 and 8am Eastern US time, this podcast crossed a major milestone.... the 100,000th download occurred!

Now in the world of "mainstream" media this is a trival number that would hardly merit attention. But in the new and emerging medium of podcasting, I, for one, will celebrate that milestone... especially for something that is admittedly as niche of a topic as "VoIP security"!

To look at it another way, we've put out 74 shows since we started about 1.5 years ago. That works out to an average of 1,351 downloads per show... for a show that averages 45 minutes in length!

That there are that many folks interested in our show and topic continues to be a very humbling fact. It's an honor for us... and a responsibility that we don't take lightly. We know that just as easily as you have subscribed and downloaded our show, you have an amazing amount of choices out there and you can just as easily go elsewhere.

Both Jonathan and I THANK YOU for your continued support and participation! We have been delighted by the community of listeners and contributors that has grown up around the show and we do look forward to the continued growth of that community and to reaching many more milestones in the months and years ahead. Thank you all.

If you downloaded Blue Box #56 and wound up with a PDF file, here's why - as I noted in an "UPDATE" section at the top of the show notes to Blue Box #56, I inadvertently deleted the "enclosure" link attribute that clues podcatchers in to which media file to download. Without an enclosure link attribute, podcatchers seem to download the last "media" file. Normally, this might not have been a problem as we usually just link to other web pages, but because we linked later to the SAGE Journal PDF file, that file was chosen as the one to download. (Although it still boggles my mind a bit that podcatchers couldn't be designed to download only MP3 files or others from a range of audio/video formats.

I've fixed the link and podcatcher downloads are now working, but if you wound up with a PDF file instead, you'll unfortunately need to download the audio file directly from the Blue Box #56 show notes.

UPDATE - April 24: Unfortunately, due to an error in coding the appropriate enclosure (now fixed) many of you who subscribe via RSS will have downloaded a PDF file instead of the MP3 file. My apologies, and you'll need to unfortunately download the file directly from the website at this point.

13:04 - ComputerWorld Malaysia: All-in-one security devices face hurdles
– interesting for the mention of “Unified Threat Management” (UTM) and
the growing concern about how to work with VoIP (expressed in final
paragraph)

36:33 - Review of the last week's traffic on the VOIPSEC public mailing list

37:02 - Wrap-up of the show

38:14 - End of show

Comments, suggestions and feedback are welcome either as replies to this post or via e-mail to blueboxpodcast@gmail.com. Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows. You may also call the listener comment line at either +1-206-350-2583 or via SIP to 'bluebox@voipuser.org' to leave a comment there.

Thank you for listening and please do let us know what you think of the show.

If any Blue Box listeners are going to be at the InfoSec 2007 conference this week in London, Frank Leonhardt will be there on Wednesday and Martyn Davies will be there on Thursday. If you would like to connect with either Frank or Martyn, leave a message here and we'll be sure they get it.

64:52 - comment (email) from Martyn Davies about SE16 and removing the hum

66:05 - Review of the last week's traffic on the VOIPSEC public mailing list

67:16 - Wrap-up of the show

A bit of a travelogue about Dan's trip to Cairo, Egypt, and his impressions of the pyramids, Cairo, etc.

78:05 - End of show

Comments, suggestions and feedback are welcome either as replies to this post or via e-mail to blueboxpodcast@gmail.com. Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows. You may also call the listener comment line at either +1-206-350-2583 or via SIP to 'bluebox@voipuser.org' to leave a comment there.

Thank you for listening and please do let us know what you think of the show.

April 02, 2007

Synopsis: Interview with Saverio Niccolini from NEC about efforts to combat SPIT.

Welcome to Blue Box: The VoIP Security Podcast Special Edition #17, a 9-minute podcast of an interview by Martyn Davies of Saverio Niccolini from NEC about efforts to combat Spam-for-Internet-Telephony (SPIT). The interview took place at the 3GSM World Congress 2007 held February 12-15, 2007, in Barcelona, Spain.

At the 3GSM World Congress 2007, Blue Box contributor Martyn Davies had a chance to record an interview with Saverio Niccolini about NEC's efforts to combat Spam for Internet Telephony (SPIT). Specifically, they discussed NEC's new program VOIPSEAL, the prototype of which was unveiled at the 3GSM conference. Saverio is a Senior Research Staff Member in the
Network Laboratories at NEC (www.netlab.nec.de)

Saverio has provided the following links for additional information about the VOIP SEAL solution:

We thank Martyn for contributing this interview and Saverio for his participation.

Comments, suggestions and feedback are welcome either as replies to this post or via e-mail to blueboxpodcast@gmail.com. Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows. You may also call the listener comment line at either +1-206-350-2583 or via SIP to 'bluebox@voipuser.org' to leave a comment there.

Thank you for listening and please do let us know what you think of the show.

Full Disclosure

Jonathan Zar is affiliated with Pingalo and is the Secretary of VOIPSA and member of the Board of Directors.

This is a personal project and neither the Internet Society, Pingalo nor VOIPSA have any formal connection to this podcast. In the interest of transparency we just thought you should know our affiliations.

Why "Blue Box"?

We chose the name "Blue Box" primarily as a nod to the era of phone phreaking in part to illustrate that threats to telephony are not new - they just continue to change and evolve. That and admittedly the name just sounded cool.